Vts3

Cloud Engineer

💰 $100,000 - $150,000 🌍 United States of America 📅 07/05/2023

##### **Job Description:**

Under the general guidance of the Security Architect/Systems Manager, the
candidate will be responsible for evaluating and implementing new
technologies, analyzing infrastructure and software designs and
implementations, and identifying and resolving potential issues to help
enhance and secure a large enterprise network. The position requires a broad
foundation of IT architectural experience with an understanding of current
IaaS, PaaS, and SaaS technologies. Familiarity with Internet-facing
technologies, server/storage technologies, cloud services, and hybrid cloud
integration is a must.

##### **Responsibilities:**

* The candidate will be responsible for designing complex and innovative solutions addressing vulnerability detection, threat and risk analysis, network intrusion, securing technology assets across the application, infrastructure, cloud, and data tiers, and development/implementation of vulnerability mitigation strategies
* Guides engineering teams and makes informed security decisions on the design of infrastructure, systems, and applications
* Works with tech leads and teams to ensure security is built into app development, network infrastructure, and cloud systems. Work with necessary Information Technology groups to satisfy specific technology-related issues. Act as an Information Security liaison between the customers and all groups in Information Technology
* Implements industry-leading practices around cyber risks and Cloud security and performs security assessments of cloud platforms/environments using industry-standard frameworks such as ISO, CSA-CSM, and NIST
* Designs and develops security policies, standards, and procedures e.g. firewall management, SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption), user account management (SSO, SAML), and password/key management
* Identifies software weaknesses that could lead to exploitable vulnerabilities such as SQL injection, cross-site scripting, cross-site request forgery, buffer overflows, use of hard-coded passwords, weak encryption, sensitive data
* A seasoned professional with detailed technical knowledge of techniques, standards, and state-of-the-art capabilities for authentication and authorization, applied cryptography, security vulnerabilities, and remediation. Can advise on architecture decisions at the technical and product level
* Adequate knowledge of web-related technologies (Web applications, Web Services, and Service Oriented Architectures) and network/web-related protocols
* Experience designing the secure deployment and monitoring of applications and infrastructure into public cloud services (e.g., AWS or Microsoft Azure)
* Constantly looking for better ways of solving security problems and designing the solution, not afraid of challenging the status quo
* Support various systems and become SMEs for them
* Respond swiftly to all alerts, performing initial risk/impact assessments or escalating issues as appropriate
* Follow change management controls and guidelines
* Support operating organizations during corporate emergencies. Participate in the Company's emergency management processes, cyber security, and storm plans
* Perform other related tasks and assignments as required

##### **Qualifications:**

* 3-5 years of thorough understanding of communication protocols and security standards
* Must be comfortable and skilled at driving information security processes and techniques. Must be able to communicate designs and give persuasive presentations. Must be able to interact with all levels of management and communicate technical concepts to a non-technical audience
* Ability to establish medium and long-term plans and priorities and estimate investment requirements
* 3-5 years of strong understanding of cyber security principles
* 2 years of Threat Management, preferred
* Experience with implementing or integrating commercially available infrastructure components
* Experience in evaluating technology and establishing standard designs
* Must be conversant in emerging technologies and practices such as cloud computing
* Experience with Azure Sentinel and Cloud logging, Microsoft integrations with Splunk, preferred
* Knowledge of Containerization and API management, preferred
* Experience with Public Cloud(s) - Azure / Oracle / AWS, preferred
* Ability to create technical documentation, Architecture diagrams, and workflows
* Experience with Bulk deployments
* Experience with AV and EDR
* Experience in Threat Hunting and Threat and Vulnerability management

##### **Splunk related experience:**

* Ability to work with various methods of getting data in, such as Syslog, API, and log files
* Ability to create custom extractions, regex, and log parsing
* Ability to set up Splunk environments such as heavy forwarders, Splunk Connect for Syslog, indexers, deployment servers, and search heads
* Experience with Splunk Cloud
* Ability to integrate Splunk with other products and vendors
* Experience implementing and managing Splunk Enterprise Security and Splunk UEBA
* Ability to modify Splunk configuration files
* Experience with scripting languages such as Python
* Developing and customizing Splunk apps and dashboards
* Building advanced visualizations
* Designing and optimizing Splunk platform architecture for large-scale and distributed deployments
* Strong understanding of Splunk platform configuration, web UI, and Common Information Model
* Performing data interpretation, classification, and enrichment
* Building data models
* Managing knowledge objects (fields, extractions, tags, event types, lookups, workflow actions, aliases, macros, and so on)